<?php
/**
*
*	登录程序 @zairwolf
*/


require_once 'include/init.php';

require_once ROOT.'include/api.func.php';


$forward=_get_post('forward');
$loginuser=_post('loginuser');
$loginpwd=_post('loginpwd');
$cookie_time=_post('cookie_time');
$hash=_post('hash');

if(!$forward) {
	if(!empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'],'login')===false) {
		$forward = $_SERVER['HTTP_REFERER'];
	}else {
		$forward = $_SYSTEM['SYSTEM']['SITE_ADDR'];
	}
}else {
	$forward = urldecode($forward);
}


$asid=_get('asid');
$step=_get('step');
//api跳转
if(!empty($asid) && is_numeric($step)) {
	$uri = ApiCache($asid);
	if(isset($uri[$step])) {
		header("Location: ".$uri[$step]);
	}else {
		unlink(ROOT."data/cache/api/api_$asid.php");
		if(strpos($uri['forward'],'login')===false){
			header("Location: ".$uri['forward']);
		}else{
			header("Location: ".$_SYSTEM['SYSTEM']['SITE_ADDR']);
		}
	}
	exit;
}

//登录
if($action == 'login') {
	if(!_secode_check(1, $hash)) b('验证码错误');

	if(empty($loginuser) || empty($loginpwd)) b('缺少用户名或密码');
	if(!$userarr=db_r("select * from rd8_user where name='$loginuser' and pswd='".md5(md5($loginpwd))."'")) b('密码验证错误');
	if($userarr['active']<>1) b('尚未激活，请先激活后方可使用该账号');//2009-5-11 加上对未激活的检测了

	$cookie_time+=86400;

	cookie('sid');
	cookie('lnfo', array($loginuser, md5($loginpwd)), $cookie_time);

	if($_SYSTEM['SYSTEM']['api'] == 'general') {//api跳转
		include _cache('api');
		$asid = GetApiData($_CACHE['api'], 'login', 'ENCODE', $loginuser, $loginpwd, $userarr['email'], $cookie_time);
		$uri = ApiCache($asid);
		j($uri[1], '登录成功');
	}else {
		j($forward, '登录成功');
	}
}

//注销
if($action=="logoff") {
	cookie('sid');
	cookie("lnfo");

	if($_SYSTEM['SYSTEM']['api'] == 'general') {//api跳转
		include _cache('api');
		$asid = GetApiData($_CACHE['api'], $action);
		$uri = ApiCache($asid);
		j($uri[1], '退出成功');
	}else {
		j($forward, '退出成功');
	}
}

//默认显示
if(!$action){
	if($_G['user_id']) b('已经登录');
	//显示登录
	$seokeyword[]='login';
	_header($seokeyword);//输出头部

	$tpl = new T('login');
	$tpl->assign(array(
		'action'  => $action,
		'forward' => $forward,
		'C_loghashenable' => _secode(1),
	));

	$tpl->output();

	_footer();
	
}
